Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Help with removing tsassist.exe, maybe more. [Solved]

ular

Posted 15 October 2013 - 08:25 AM

ular

Member

Member

37 posts

Within the past two days, tsassist.exe began generating "out of date" software pop-ups in the lower right corner. I made the mistake of clicking the X to close the pop-up and Avira immediately detected a problem. I ran the Avira scanner which resulted in removing two viruses.

Current problem is that tsassist continues to pop-up and I only close it using task manager. I need help cleaning up my PC. Please find the OTL logfile below:

Advertisements

Pyxis

Posted 16 October 2013 - 09:35 AM

Welcome to Geeks to Go--the friendliest online community dedicated to the sole goal of helping people from all around the world!

I am Pyxis and I will be assisting you with the problem at hand. Whilst I am taking the time to analyse your set of provided logs, I would like to stress the following reminders:

I am a student that is currently undergoing training. As such, my responses have to be checked by a professional before I present them to you to ensure you get the best quality help. If you deem I have overlooked your thread, which is in a matter of more than 24 hours, please send me a PM and I will get back to you shortly.

It is important that you do not install anything unless asked while the process is ongoing. Doing so may hinder or even complicate the cleaning of your system. You will get the chance to install things as you would like after the process has been completed.

Ensure you take extra caution to precisely follow my instructions. It is important that you only use the tools I have asked you to. The instructions for your computer are unique and should therefore only apply to your system.

I hope you keep in mind these reminders. I will be right back with a full response!

ular

Posted 16 October 2013 - 05:07 PM

Pyxis

Posted 16 October 2013 - 09:28 PM

Pyxis

Trusted Helper

Malware Removal

1,228 posts

Hi ular,

Don't worry--we'll be able to fix that annoying pop-up. To begin, could you disable Windows Defender for me? Your current security already covers everything this does and it is unnecessary to let it continue running.

Step 1

You will need to disable Spybot - Search & Destroy's Resident TeaTimer for the entire duration of this fix as it may get in the way.

Launch Spybot - Search & Destroy.

Go to Mode and select Advanced Mode.

On the left pane, choose Tools > Resident.

Uncheck Resident TeaTimer and TeaTimer. Click OK.

Note: Once you are clean, you can re-enable it using the same steps but this time place a check next to Resident TeaTimer and TeaTimer.

Step 2

Download 'OTL by OldTimer' and save it to your desktop or move your existing copy into the said location.

Simply double-click the program icon to run it. It will ask for administrator privileges.

Files\Folders moved on Reboot...C:\Windows\temp\FireFly(20131016135928514).log moved successfully.C:\Windows\temp\integratedoffice.exe_c2ruidll(20131016135928514).log moved successfully.C:\Windows\temp\integratedoffice.exe_streamserver(20131016135929514).log moved successfully.File move failed. C:\Windows\temp\ood_stream.x86.en-us.dat scheduled to be moved on reboot.File move failed. C:\Windows\temp\ood_stream.x86.x-none.dat scheduled to be moved on reboot.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on 2013-10-16 at 22:44:19.62Computer was rebootedEnd of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Computer Name: XPS | User Name: West | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All usersCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Computer Name: XPS | User Name: West | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All usersCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Open the file by double-clicking it and allow it to run. You will be prompted for an action.

Don't be afraid as it is safe. Click Yes to proceed.

Step 2

Upon careful inspection, your log indicates that the program(s) listed below is installed on your computer. I would like to request for the removal of the program(s) as it is associated with malware, adware or spyware. Please proceed to uninstalling by going to Control Panel (Windows XP) or Programs and Features (Windows Vista or Windows 7). If Windows says it cannot locate the program(s) and that it prompts for it to be removed from the list instead, do so by allowing it.

File Type AssistantInform me if you encounter problems in the removal process.

ular

Posted 19 October 2013 - 04:30 PM

ular

Member

Topic Starter

Member

37 posts

Hi Pyxis,

I was able to run programs as requested. I was unable to find File Type Assist in Programs and Features. ESET required just over five hours to run with 17 detections. Please find logs below in the order requested.

Pyxis

Posted 21 October 2013 - 07:41 AM

Pyxis

Trusted Helper

Malware Removal

1,228 posts

Thank you for your cooperation. Your logs show no sign of infection. Congratulations, your system is now clean. Below are a few more steps you have to complete to ensure the good working condition of your system.

►Remove Special Tools with OTL by OldTimer

Using this tool will remove all temporary, and unnecessary files still in your computer after using the tools I asked you to run earlier.

Double-click OTL.exe to run it. For Windows Vista and Windows 7 users, please run it as an administrator.

As seen on the interface, click the CleanUp button.

You will be asked to reboot after. Please allow it to do so by clicking Yes on the next prompt.

►Set a Clean Restore Point

Doing this will prevent you from a possible reinfection. You see, malicious files try to save a copy of themselves in the System Volume Information storage. The latter is a protected directory; the best way to get rid of these possible copies is to do the step below. Since your system is now clean, it is essential to set a clean and working backup.

Navigate to Start, right-click Computer and click Properties.

On the left, click System protection.

Click Configure... > Delete.

Choose Continue when asked. Click Close and then OK.

Now click Create.... Input any title and press Create.

Once done, press Close > OK.

System Restore will now be working again.

I will now proceed to giving to tips on how to maintain your system as it is. You can do the following as a routine to ensure that your system will work properly. Anytime you encounter an infection again, please do not hesitate to go back here at Geeks to Go.

►Keep Your Computer Updated

Your current Windows operating system needs to install additional updates which are important, one of which is the Service Pack. The latter and other updates contain fixes and patches to prevent attackers from compromising your system. It is imperative that you keep your system up-to-date by obtaining free updates whenever they are available.

Install the latest Service Pack by going 'here'. If you already have, continually visit the official 'Microsoft Windows Update' site to keep your system up-to-date.►Update Your Anti-Virus Every Day

★UpdatingEnsuring that you have one anti-virus installed in your system is a good way to prevent being infected. You must always make sure to update your anti-virus every day; anti-virus companies see to to it that the latest definition updates are distributed to be in par with the growing advancement and propagation of malware. Your anti-virus is useless if you do not update it.

★ScanningSet a scanning routine. Ensure that you do a full scan with your anti-virus monthly. This is part of maintaining a clean system--a scanning routine proves to be effective. You can never be sure when your computer has caught an infection.

►Install Supplementary Programs

Alongside your anti-virus and firewall, various programs are can be obtained to help keep your system secure. Don't worry, they pose no conflict to your current installation. The best of all, these programs are free. The names contain the download links.

★MVPS Hosts FileThe MVPS Hosts File replaces your current HOSTS file with one containing well-known ad sites, etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer. This also helps to protect your privacy and security by blocking sites that may track your viewing habits, also known as "click-thru tracking" or data miners.

★SpywareBlasterSpywareBlaster can help keep your system secure, without interfering with the "good side" of the web. And unlike other programs, SpywareBlaster does not have to remain running in the background. It works alongside the programs you have to help secure your system.

Just like your regular security programs, SpywareBlaster needs to be updated every day.

Open the program by clicking the icon.

Click Updates > Check For Updates.

If there happens to be an update, a Enable All Protection button will appear. Please click that button.

If you have any unresolved issues with regard to this thread or you need more please ask me. I would assist you further, should it be required. Otherwise, enjoy your clean system.